mailing list of musl libc
 help / color / mirror / code / Atom feed
From: Tim van der Staaij <git@tim.vanderstaaij.email>
To: "musl" <musl@lists.openwall.com>
Subject: [musl] [PATCH] crypt: support $2b$ prefix for blowfish
Date: Thu, 15 Oct 2020 21:56:56 +0200	[thread overview]
Message-ID: <1752dd63ca0.f45c706c130962.3068699904194055827@tim.vanderstaaij.email> (raw)
In-Reply-To: 

2b is functionally equivalent to 2y, i.e. no known bugs at this time.

openbsd, which created the original bcrypt implementation,
and several other implementations use this prefix since 2014:
https://marc.info/?l=openbsd-misc&m=139320023202696
---
 src/crypt/crypt_blowfish.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/crypt/crypt_blowfish.c b/src/crypt/crypt_blowfish.c
index d3f79851..a5feffe7 100644
--- a/src/crypt/crypt_blowfish.c
+++ b/src/crypt/crypt_blowfish.c
@@ -533,6 +533,7 @@ static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
  * Valid combinations of settings are:
  *
  * Prefix "$2a$": bug = 0, safety = 0x10000
+ * Prefix "$2b$": bug = 0, safety = 0
  * Prefix "$2x$": bug = 1, safety = 0
  * Prefix "$2y$": bug = 0, safety = 0
  */
@@ -600,7 +601,7 @@ static char *BF_crypt(const char *key, const char *setting,
 	char *output, BF_word min)
 {
 	static const unsigned char flags_by_subtype[26] =
-		{2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+		{2, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
 		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
 	struct {
 		BF_ctx ctx;
@@ -748,7 +749,7 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
 	const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu";
 	static const char test_hash[2][34] =
 		{"VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* $2x$ */
-		"i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2y$ */
+		"i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2b$, $2y$ */
 	char *retval;
 	const char *p;
 	int ok;
@@ -777,14 +778,14 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
 	ok = (p == buf.o &&
 	    !memcmp(p, buf.s, 7 + 22) &&
 	    !memcmp(p + (7 + 22),
-	    test_hash[buf.s[2] & 1],
+	    test_hash[buf.s[2] != 'x'],
 	    31 + 1 + 1 + 1));
 
 	{
 		const char *k = "\xff\xa3" "34" "\xff\xff\xff\xa3" "345";
 		BF_key ae, ai, ye, yi;
 		BF_set_key(k, ae, ai, 2); /* $2a$ */
-		BF_set_key(k, ye, yi, 4); /* $2y$ */
+		BF_set_key(k, ye, yi, 4); /* $2b$, $2y$ */
 		ai[0] ^= 0x10000; /* undo the safety (for comparison) */
 		ok = ok && ai[0] == 0xdb9c59bc && ye[17] == 0x33343500 &&
 		    !memcmp(ae, ye, sizeof(ae)) &&
-- 
2.23.0





             reply	other threads:[~2020-10-15 20:08 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-15 19:56 Tim van der Staaij [this message]
2020-10-15 20:32 ` Solar Designer
2020-10-15 20:59   ` Tim van der Staaij
2020-10-17 19:27     ` Solar Designer
2020-10-18  8:57       ` Julien Ramseier
2020-10-18 14:51         ` Tim van der Staaij
2020-10-18 16:12         ` Rich Felker

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1752dd63ca0.f45c706c130962.3068699904194055827@tim.vanderstaaij.email \
    --to=git@tim.vanderstaaij.email \
    --cc=musl@lists.openwall.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/musl/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).